DR Testing
Unlock the complete study guide + 1,040 practice questions across 16 full exams.
Bundled into the existing Certified Information Systems Security Professional premium course — no separate purchase.
Included in this chapter:
- The test ladder: why rigor and risk rise together
- Each test type in detail
- Running tests well: cadence, ownership, and closing the loop
- Exam-pattern recognition
The five DR plan test types, from least to most rigorous and disruptive
| Test type | What it exercises | Touches real systems? | Operational risk / cost | When to use |
|---|---|---|---|---|
| Read-through (checklist) | Owners review the plan on paper for currency and completeness | No: paper only | Lowest; run most often | Routine maintenance check; first pass on any plan |
| Structured walk-through (tabletop) | Team discusses roles against a facilitator's scenario | No: discussion only, no equipment | Very low | Surface role/coordination gaps before any live test |
| Simulation | Team acts out a disaster scenario in a mock setting; no real recovery | No: simulated environment | Low–moderate | Rehearse response and notifications without disrupting production |
| Parallel | Recovery site activated and runs real workloads alongside production | Yes: recovery site only | Moderate; no production risk | Prove the recovery site produces correct results without cutover |
| Full-interruption (full-scale) | Production halted; business fails over to the recovery site for real | Yes: production and recovery site | Highest; can cause a real outage | Final end-to-end proof; mature plan, management-accepted risk |
Decision tree
Cheat sheet
Unlock with Premium — includes all practice exams and the complete study guide.